Feature 9015: check quotas for admin and return Unauthorize 30/9030/2
authortierno <alfonso.tiernosepulveda@telefonica.com>
Thu, 28 May 2020 10:41:10 +0000 (10:41 +0000)
committertierno <alfonso.tiernosepulveda@telefonica.com>
Wed, 3 Jun 2020 22:13:37 +0000 (22:13 +0000)
Change-Id: I856aea935c03d835fe22176c31c27bce15d59b12
Signed-off-by: tierno <alfonso.tiernosepulveda@telefonica.com>
osm_nbi/base_topic.py
osm_nbi/descriptor_topics.py
osm_nbi/tests/test_admin_topics.py
osm_nbi/tests/test_descriptor_topics.py

index e849bb8..1f7f5d4 100644 (file)
@@ -114,7 +114,7 @@ class BaseTopic:
             DbException if project not found
             ValidationError if quota exceeded and not overridden
         """
-        if session["force"] or session["admin"]:
+        if session["force"]:
             return
         projects = session["project_id"]
         for project in projects:
@@ -124,7 +124,8 @@ class BaseTopic:
             count = self.db.count(self.topic, {"_admin.projects_read": pid})
             if count >= quota:
                 name = proj["name"]
-                raise ValidationError("{} quota ({}) exceeded for project {} ({})".format(self.topic, quota, name, pid))
+                raise ValidationError("quota ({}={}) exceeded for project {} ({})".format(self.topic, quota, name, pid),
+                                      http_code=HTTPStatus.UNAUTHORIZED)
 
     def _validate_input_new(self, input, force=False):
         """
index fdf46e5..a5cc196 100644 (file)
@@ -146,29 +146,27 @@ class DescriptorTopic(BaseTopic):
         :return: _id, None: identity of the inserted data; and None as there is not any operation
         """
 
-        try:
-            # Check Quota
-            self.check_quota(session)
+        # No needed to capture exceptions
+        # Check Quota
+        self.check_quota(session)
 
-            # _remove_envelop
-            if indata:
-                if "userDefinedData" in indata:
-                    indata = indata['userDefinedData']
+        # _remove_envelop
+        if indata:
+            if "userDefinedData" in indata:
+                indata = indata['userDefinedData']
 
-            # Override descriptor with query string kwargs
-            self._update_input_with_kwargs(indata, kwargs)
-            # uncomment when this method is implemented.
-            # Avoid override in this case as the target is userDefinedData, but not vnfd,nsd descriptors
-            # indata = DescriptorTopic._validate_input_new(self, indata, project_id=session["force"])
-
-            content = {"_admin": {"userDefinedData": indata}}
-            self.format_on_new(content, session["project_id"], make_public=session["public"])
-            _id = self.db.create(self.topic, content)
-            rollback.append({"topic": self.topic, "_id": _id})
-            self._send_msg("created", {"_id": _id})
-            return _id, None
-        except ValidationError as e:
-            raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY)
+        # Override descriptor with query string kwargs
+        self._update_input_with_kwargs(indata, kwargs)
+        # uncomment when this method is implemented.
+        # Avoid override in this case as the target is userDefinedData, but not vnfd,nsd descriptors
+        # indata = DescriptorTopic._validate_input_new(self, indata, project_id=session["force"])
+
+        content = {"_admin": {"userDefinedData": indata}}
+        self.format_on_new(content, session["project_id"], make_public=session["public"])
+        _id = self.db.create(self.topic, content)
+        rollback.append({"topic": self.topic, "_id": _id})
+        self._send_msg("created", {"_id": _id})
+        return _id, None
 
     def upload_content(self, session, _id, indata, kwargs, headers):
         """
index d8a4e63..dce8710 100755 (executable)
@@ -54,6 +54,7 @@ class Test_ProjectTopicAuth(TestCase):
         self.topic = ProjectTopicAuth(self.db, self.fs, self.msg, self.auth)
         self.fake_session = {"username": self.test_name, "project_id": (test_pid,), "method": None,
                              "admin": True, "force": False, "public": False, "allow_show_user_project_role": True}
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
 
     def test_new_project(self):
         with self.subTest(i=1):
@@ -215,6 +216,7 @@ class Test_RoleTopicAuth(TestCase):
         self.topic = RoleTopicAuth(self.db, self.fs, self.msg, self.auth)
         self.fake_session = {"username": test_name, "project_id": (test_pid,), "method": None,
                              "admin": True, "force": False, "public": False, "allow_show_user_project_role": True}
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
 
     def test_new_role(self):
         with self.subTest(i=1):
@@ -375,6 +377,7 @@ class Test_UserTopicAuth(TestCase):
         self.topic = UserTopicAuth(self.db, self.fs, self.msg, self.auth)
         self.fake_session = {"username": test_name, "project_id": (test_pid,), "method": None,
                              "admin": True, "force": False, "public": False, "allow_show_user_project_role": True}
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
 
     def test_new_user(self):
         uid1 = str(uuid4())
@@ -598,6 +601,7 @@ class Test_CommonVimWimSdn(TestCase):
         self.topic.schema_edit = validation.wim_account_edit_schema
         self.fake_session = {"username": test_name, "project_id": (test_pid,), "method": None,
                              "admin": True, "force": False, "public": False, "allow_show_user_project_role": True}
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
 
     def test_new_cvws(self):
         test_url = "http://0.0.0.0:0"
index d012ac9..260104a 100755 (executable)
@@ -85,6 +85,7 @@ class Test_VnfdTopic(TestCase):
         self.msg = Mock(msgbase.MsgBase())
         self.auth = Mock(authconn.Authconn(None, None, None))
         self.topic = VnfdTopic(self.db, self.fs, self.msg, self.auth)
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
 
     def test_new_vnfd(self):
         did = db_vnfd_content["_id"]
@@ -531,6 +532,7 @@ class Test_NsdTopic(TestCase):
         self.msg = Mock(msgbase.MsgBase())
         self.auth = Mock(authconn.Authconn(None, None, None))
         self.topic = NsdTopic(self.db, self.fs, self.msg, self.auth)
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
 
     def test_new_nsd(self):
         did = db_nsd_content["_id"]